WordPress Releases 6.9.4 After Incomplete Security Fixes in Versions 6.9.2 and 6.9.3
WordPress released version 6.9.4 after discovering that earlier updates failed to fully apply fixes for ten security vulnerabilities affecting versions up to 6.9.1.
Web Security5
Check out the latest posts
Vulnerability Discovered in Redirection for Contact Form 7 WordPress Plugin
A vulnerability in the Redirection for Contact Form 7 WordPress plugin allows unauthenticated attackers to upload or copy files under certain server configurations. Users are advised to update to version 3.2.8 or later.
Chrome to Warn Users Before Loading HTTP Sites Starting Next Year
Google Chrome will enable “Always Use Secure Connections” by default in October 2026, warning users before loading non-HTTPS sites. The update aims to close remaining web security gaps as HTTPS adoption plateaus around 95–99%.
Google Quietly Signals That NotebookLM Bypasses robots.txt
Google has quietly confirmed that its AI tool, NotebookLM, ignores robots.txt rules when fetching content on behalf of users. This shift raises major questions about web privacy, content control, and how publishers can protect their data from AI-driven content extraction.
Severe WordPress Plugin Flaws Put 20,000+ Travel Websites at Risk
Two critical vulnerabilities in the WP Travel Engine plugin put over 20,000 WordPress travel sites at risk. Both allow unauthenticated attackers to take full control of websites. Immediate updates are strongly advised.